org.owasp.esapi:esapi@2.2.3.1 vulnerabilities
-
latest version
2.5.3.1
-
first published
14 years ago
-
latest version published
6 months ago
-
licenses detected
- [2.0_rc10,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.owasp.esapi:esapi package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.owasp.esapi:esapi is an OWASP project to create simple strong security controls for every web platform. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the Notes:
How to fix Cross-site Scripting (XSS)? There is no fixed version for |
[0,)
|
org.owasp.esapi:esapi is an OWASP project to create simple strong security controls for every web platform. Affected versions of this package are vulnerable to Denial of Service (DoS) in the Note: If you are using any of the Upgrading to version 2.5.2.0 addresses the issue described in CVE-2023-24998 but to be fully protected the maintainer recommends taking additional prevention steps as described below. How to fix Denial of Service (DoS)? There is no fixed version for |
[0,)
|
org.owasp.esapi:esapi is an OWASP project to create simple strong security controls for every web platform. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.3.0.0)
|
org.owasp.esapi:esapi is an OWASP project to create simple strong security controls for every web platform. Affected versions of this package are vulnerable to Directory Traversal via the default implementation of the Note:
As a workaround, it is possible to write one's own implementation of the Validator interface by sub-classing a version of the affected How to fix Directory Traversal? Upgrade |
[,2.3.0.0)
|